Just days after the last report on security flaws affecting WordPress plugins, experts reported the release of a critical security update to fix some bugs in Duplicator, one of the most popular plugins among users of this content management system (CMS).
The vulnerability is reportedly critical, evidence of active exploitation has been found in the wild, and it is estimated that at least 500,000 WordPress sites run a vulnerable version of Duplicator. While the built-in protections of some security plugins shield users from exploitation of these flaws, administrators must still verify that the plugin update is applied as soon as possible.
The main risk scenario presented by exploitation of this flaw is the theft of login credentials from the compromised site's database. In the latest security report, WordPress mentioned blocking about 50,000 arbitrary file download attempts that exploited the vulnerability. Most of these attack attempts occurred before Duplicator fixed the bug, so it is considered a zero-day vulnerability, as noted by vulnerability testing specialists.
Due to the massive use of this add-on, and the simplicity of the attack, this vulnerability has caught the attention of hundreds of hacker groups. To prevent any attack attempts, WordPress site administrators need to verify which version of the affected plugin they are running and, if necessary, install the latest version.
As already mentioned by vulnerability analysis experts, users of plugins like Wordfence are protected against exploitation of this flaw, although it should be noted that it is also necessary to run the latest version of any security tool. If you have reason to believe that your WordPress site was compromised through the flaw in Duplicator, it is critical that you immediately reset all access credentials stored in your database.
Finally, various experts advise administrators to review their WordPress site settings, as it may no longer be necessary to use Duplicator. As an alternative measure, you can uninstall the plugin and check the functionality of your site; if you still need to use the plugin, you can install the latest version.
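The version check and update described above, as an added example that is not part of the original article: a POSIX shell script that asks WP-CLI for the installed Duplicator version, compares it against the fixed release, and updates the plugin if it is older. It assumes WP-CLI is installed, that the WordPress root is in `WP_PATH`, and that the fixed version is supplied in `DUPLICATOR_FIXED_VERSION` (the `X.Y.Z` default is a placeholder, not a value from the article).

```shell
#!/bin/sh
# Placeholder: set DUPLICATOR_FIXED_VERSION to the release that fixes the flaw
# (taken from the Duplicator changelog); the script refuses to run without it.
FIXED_VERSION="${DUPLICATOR_FIXED_VERSION:-X.Y.Z}"
# Assumed WordPress root; adjust to the site's install path.
WP_PATH="${WP_PATH:-/var/www/html}"

# version_lt A B: succeed (exit 0) if dotted version A is strictly lower than B.
# Missing components count as 0 (1.3 == 1.3.0); non-digits in a component are ignored.
version_lt() {
    a="$1."; b="$2."            # trailing dot so cut always sees a delimiter
    i=1
    while :; do
        x=$(printf '%s' "$a" | cut -d. -f"$i" | tr -cd '0-9')
        y=$(printf '%s' "$b" | cut -d. -f"$i" | tr -cd '0-9')
        [ -z "$x" ] && [ -z "$y" ] && return 1   # ran out of components: equal
        x=${x:-0}; y=${y:-0}
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
        i=$((i + 1))
    done
}

# check_duplicator: 0 = not installed or already fixed, 2 = was vulnerable and updated,
# 1 = configuration error or WP-CLI failure.
check_duplicator() {
    case "$FIXED_VERSION" in
        *[!0-9.]*) echo "set DUPLICATOR_FIXED_VERSION to the fixed release"; return 1 ;;
    esac
    installed=$(wp plugin get duplicator --field=version --path="$WP_PATH" 2>/dev/null) || {
        echo "Duplicator is not installed (or WP-CLI is unavailable); nothing to do."
        return 0
    }
    if version_lt "$installed" "$FIXED_VERSION"; then
        echo "Duplicator $installed is older than fixed release $FIXED_VERSION: updating."
        wp plugin update duplicator --path="$WP_PATH" || return 1
        return 2
    fi
    echo "Duplicator $installed is at or above $FIXED_VERSION; no update needed."
}

# Run the check only when invoked with --run, so the functions can be sourced.
if [ "${1:-}" = "--run" ]; then
    check_duplicator
fi
```

Exit status 2 signals that a vulnerable version was found and replaced, which is the case where the credential reset described above should follow.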
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as a cyber security investigator. He has also worked for different security companies. His everyday job includes researching new cyber security incidents. He also has deep knowledge of enterprise security implementation.